Personal security system

ABSTRACT

A method for providing assistance to each of a plurality of users, each having been enrolled as a member of a community includes receiving, at a server, communications from corresponding mobile devices, each of which is associated with a user who has enrolled as a member in a first community. These emergency communications were initiated by activation of respective personal security buttons on the mobile devices, and provide information about respective security conditions. In response to the communications, the server alerts corresponding first and second security services that are appropriate responding to the respective security conditions.

CROSS-REFERENCE TO RELATED APPLICATIONS

The following applications are related to the present application byeither 35 USC 120 or 25 USC 119.

-   -   U.S. application Ser. No. 15/332,067, filed on Oct. 24, 2016.    -   U.S. application Ser. No. 15/054,544, filed on Feb. 26, 2016,        and which issued on Nov. 22, 2016 as U.S. Pat. No. 9,503,876.    -   U.S. application Ser. No. 14/748,721, filed on Jun. 24, 2015,        and which issued on Mar. 1, 2016 as U.S. Pat. No. 9,277,389.    -   U.S. application Ser. No. 13/440,319, which, was filed on Apr.        5, 2012, and which issued on Jun. 30, 2015 as U.S. Pat. No.        9,071,643.    -   U.S. application Ser. No. 11/687,818, which was filed on Mar.        19, 2007, and abandoned.    -   U.S. Provisional Application No. 60/784,276, Mar. 20, 2006        priority date of which was filed on Mar. 20, 2006.

The relationships between the above applications are set forth below.The applications are identified by serial number for brevity. Fullbibliographic information is contained in the above list. Where a firstapplication that “is a continuation” of a second, the applications inquestion are related by 35 USC 120. Where a first application “is anon-provisional” of a second, the applications are related by 35 USC119.

-   -   This application is a continuation of Ser. No. 15/332,067.    -   Ser. No. 15/332,067 is a continuation of Ser. No. 15/054,544.    -   Ser. No. 15/054,544 is a continuation of Ser. No. 14/748,721.    -   Ser. No. 14/748,721 is a continuation of Ser. No. 13/440,319.    -   Ser. No. 13/440,319 is a continuation Ser. No. 11/687,818,    -   Ser. No. 11/687,818 is a non-provisional of 60/784,276.

The contents of the foregoing applications are incorporated herein byreference.

FIELD OF INVENTION

This invention relates to a system for personal security.

BACKGROUND

Cellular telephone systems today typically provide some sort of locationtracking of users, for example, to determine the location of a user thatdials an emergency number (e.g., using E911). In some communities ofusers, such as students on a university campus, use of cellulartelephones has become ubiquitous, with users using text messaging andother applications to stay “connected.”

SUMMARY

In one aspect, the invention features a method for providing assistanceto each of a plurality of users, each of the users having been enrolledas a member of a community. Such a method includes receiving, at aserver, a first communication, the first communication having come froma first mobile device associated with a first user from, the pluralityof users, the first user having been enrolled as a member of a firstcommunity, the first communication having been initiated by activationof a personal security button on the first mobile device, the personalsecurity button being configured to issue a notification indicative of afirst security condition associated with the first user, receiving, atthe server, a second communication, the second communication having comefrom a second mobile device associated with a second user from theplurality of users the second user having been enrolled as a member ofthe first community, the second communication having been initiated byactivation of a personal security button on the second mobile device,the personal security button being configured to issue a notificationindicative of a second security condition that differs from the firstsecurity condition, the second security condition being associated withthe second user, in response to the first communication, causing theserver to alert a first security service, the first security servicebeing a security service that is appropriate for responding to the firstsecurity condition, and in response to the second communication, causingthe server to alert a second security service that differs from thefirst security service, the second security service being a securityservice that is appropriate for responding to the second securitycondition.

Some practices of the invention further include displaying, to the firstsecurity service, information characterizing the first user, anddisplaying, to the second security service, information characterizingthe second user. Among these practices are those that further include,in response to the first communication, sending a communication from thefirst security service to the first mobile device, and in response tothe second communication, sending a communication from the secondsecurity service to the second mobile device.

Other practices include displaying, to the first security service,information characterizing the first user and the first securitycondition and displaying to the second security service informationcharacterizing the second user and the second security condition.

Also among the practices of the invention are those in which whereincausing the server to alert a first security service includes causingthe server to alert campus police, and those in which causing the serverto alert a first security service includes causing the server to alert acaregiver of the first user.

Yet other practices of the invention includes those in which: thepersonal security buttons on the first and second mobile devices are onthe respective home screens of the first and second mobile devices;those in which the personal security buttons on the first and secondmobile devices are on corresponding dashboards of the first and secondmobile device; those in which the personal security buttons are onfirst, and second mobile devices that are both configured to provideone-touch access to respective first and second security services; andany combination of the foregoing.

In some practices of the invention, the first and second securityservices are different security services, whereas in others, they arethe same security service.

Yet other practices of the invention include those in which causing theserver to alert a first security service includes causing it to selectthe first security service based at least in part on the community orcausing it to select the first security service based at least in parton the first mobile device's location.

Still other practices include those in which causing the server to alerta first security service includes causing it to select the firstsecurity service based at least in part on a last-known location of thefirst mobile device, and those in which causing the server to alert afirst security service includes causing the server to select the firstsecurity service based at least, in part on a failure to receive acommunication from the first mobile device.

Among other practices of the invention includes those in whichreceiving, at a server, a first communication includes receiving an SMSmessage.

Other practices of the invention include including causing the server tosend a query to a location-based server to identify a location of thefirst mobile device.

Practices of the invention include those in which the first and secondusers are personnel on a military base, those in which they areresidents of a housing development, those in which they are members of aspecial-interest group, those in which they are guests of a hotel, andthose in which they are inhabitants of a city who have registered forservices provided by the server.

Still other practices include those in which causing the server to alerta first security service includes causing the server to select the firstsecurity service based at least in part on entry of the mobile phoneinto a location.

These and other features and advantages of the invention will beapparent from the following detailed description and the accompanyingfigures in which:

DESCRIPTION OF DRAWINGS

FIG. 1 is a block diagram of a personal security system; and

FIG. 2 is a graphical display for security personnel.

DETAILED DESCRIPTION

Referring to FIG. 1, a personal security system makes use of personalmobile handsets 128 coupled to a mobile communication system 120. Eachhandset 128 is associated with a corresponding user of the system. Insome examples, the handsets are cellular telephones that are coupled bya mobile telephone system, such as a GSM, CDMA or and iDen based system.

Very generally, the system makes use of a communication server 110, onefunction of which is to determine when a security situation may existfor one of the users, and to then alert an appropriate security service134. The security service then determines if there is truly a securitysituation, for example, by communicating with the user over the handsetor investigating in person.

In order to aid the security service, examples of the system make use ofvarious types of location based services. For example, the mobilecommunication system includes or has associated with it a location basedserver (LBS) 124, which is able to determine the location of aparticular handset 128. The communication server 110 can query the LBS124 (e.g., as a software based request over the Internet) to determinethe location of a particular handset. Different examples of the securitysystem make use of one or more types of location determinationapproaches. One type of location determination approach uses GlobalPositioning System (GPS) functionality that is built into the handset,optionally assisted toy fixed elements of the mobile communicationsystem 120 in an Assisted GPS (AGPS) approach. Other locationdetermination approaches use signal strength and/or directioninformation in triangulation approaches based on transmitted or receivedradio signals from the mobile communication system. Yet other approachesare based on cell identification in a cellular telephone network.

Some examples of the system provide services to multiple differentcommunities 130 of users. Communities can be various associations ofusers, which may each be served by their own security service 134. Anexample of a community is a university, with the security service beingthe campus police service for that university. In such an example,different universities typically have separate campus police services.

Note that in some examples, the communities may not be geographicallyseparated. For example, urban universities may have student communitiesthat are very close to one another (e.g., students of New YorkUniversity and Columbia University), and the users is such communitiesmay operate in overlapping geographic regions. The system supportsconfigurations in which the users are serviced by the security servicefor their community, regardless of their actual geographic location.

In some examples, the personal security system supports a personalsecurity button on the handset. Various approaches to configuring thehandset to provide such a button are possible, including throughprovisioning by the operator of the mobile communication system, and bydownloading software to a configurable device. For example, the “home”or “dashboard” screen of a mobile telephone can provide direct “onetouch” access to security services.

When a user activates the personal security button, the handset 128sends a message to the communication server 110. Various approaches tosending the message are used in different examples of the system. Someexamples use a Short Message Service (SMS) provided through the mobilecommunication system. When the communication server 110 receives themessage, it queries the LBS 124 to determine the location of the sendinghandset. In some examples the LBS already has access to locationinformation for the handset that is maintained by the communicationsystem, while in other examples, it in turn queries the communicationsystem which determines the handset's location. The LBS returns thehandset's location to the communication server 110, which then contactsthe appropriate security service 134 for the user's community.

Different examples of the system use various approaches to enrollment ofusers. In some approaches, a web-based approach is used in which a userprovides enrollment information to the communication server. Suchinformation includes an identification of the user's community 130, andoptionally personal information that might be useful to the securityservice in an emergency. In other examples, the users enroll through asystem operated by the community, and personal information is maintainedprivately within the community. The community provides the communicationserver with identifications of the handsets within its community.Example of personal information that may be useful to a security serviceis a photograph of the user and. physical data (e.g., gender, height,weight, hair color, etc.)

Some mobile communication systems 120 require that a user authorizeparticular parties so that they can access their location information,for example, through the LBS 124. In such systems, as part of theenrollment process the users provide the necessary authorization, whichis communicated to the LBS and/or the mobile communication system.

In some examples, the personal security system supports a mode that canbe used when a user expects to be at some risk for an upcoming intervalof time. For example, a university student may need to cross a campuslate at night and feel at risk walking along isolated paths.

Some examples of such a mode use a timer-based approach. Generally, whenthe user is about to initiate an interval of time during which they mayfeel at risk, they initiate the timing of an interval by the securitysystem. If the user “checks in” before the expiry of the interval, oralternatively in response to a prompt by the system at the end of theinterval, the user is deemed to be safe. On the other hand, if the userdoes not check in or does not respond to a prompt, or optionally if thehandset is not accessible from the communication system 120 during theinterval, the security service for that user's community is notifiedalong with the last known location of the handset.

Referring to FIG. 1, a sequence of steps for a previously registereduser of the system are described in such an example:

Step 1: The user notifies the communication server 110 that they areabout to start an at-risk interval. In different examples, this step iscarried, out in a variety of ways. For example, the handset may have abrowser (e.g., a wireless Application Protocol, WAP, browser) thataccesses an application at the communication server that provides agraphical interface for display on the handset. The graphical interfacepermits the user to enter the duration of the interval (or alternativelythe end time of the interval). In some examples, the user has provided aPersonal Identification Number (PIN) to be used to check in—in otherexamples the user provides a check-in PIN at the start of the interval.In some examples, a software application has already been loaded on thehandset, and the application sends data messages to the communicationserver 110 to initiate the interval. In other examples, communicationtechniques such as SMS, or voice based (e.g., using speech recognition)or touch-tone (DTMF) based interfaces are user by the user to inform thecommunication server that the interval is about to start. In someexamples, the communication between the handset and the communicationserver is direct, while in other examples, the communication is mediatedby a system operated by the user's community. When the communicationserver determines that the user has started an interval, it begins acount-down timer that will expire at the end of the interval.

Step 2a: Prior to the end of the interval, the user can communicate withthe communication server to check in and terminate the interval. WithPIN-based approaches, the user enters their secret PIN, which wasrecorded as part of a registration procedure, or was provided at thestart of the interval. In some examples, the user has the option ofentering a special PIN that indicates that they are in danger. Forexample, suppose an attacker forces a user to terminate the interval,the user can enter a special PIN, such a pre-arranged PIN or the normalPIN with a special suffix (e.g., adding a 1 at file end of the PIN).This can signal the communication server that the user is in dangerwithout alerting the attacker.

Step 2b: If at the end of the interval the user has not yet check in,the communication server can act on the possibility that the user: is indanger:. In some examples, the server first communicates automaticallywith the user. For example, the server may interact with an applicationexecuting on the handset, send a SMS-based message that needs to beresponded to, or may a telephone call requiring voice Or text entry ofthe PIN.

Step 3: If the user has not checked in prior to the expiry of theplanned interval, or has not responded to the prompt from the system atthe end of the interval in examples that are configured to provide sucha prompt, the communication server 110 requests location information forthe user's handset.

Step 4: The LBS 124 determines the last known location of the user,optionally with the time the location determination was made. The LBSthen send this location information to the communication server 110. Thelocation information may take various forms, such as latitude andlongitude.

Step 5: The communication server 110 notifies the security service 134for the user. In examples in which the communication server 110 servesmany communities, the server has been configured with at leastinformation identifying the particular security service to notify (oralternatively, multiple security services may be notified and only theone responsible for that handset acts on the notification). In examplesin which the communication server has additional personal informationrelated to the user (e.g., name, photo, etc.) it sends this informationalong with the notification. In examples in which the security servicehas access to personal information for that user, it accesses thatinformation in response to the notification.

In some examples, security personnel, for example at a command stationor at a mobile device for personnel on patrol, are provided with adisplay associated with the user and the current risk. For example,referring to FIG. 2, a graphical display with a map showing the user'slocation (or last known location), a photograph of the user, as well astext-based personal information are displayed to the security personnel.

Step 6: The security personnel attempt to interact with the user, forexample, by calling their handset to establish person-to-personcommunication, and/or by dispatching personnel to the user's location toprovide assistance. When appropriate, the security service may notifyother security organizations, such as a local police department, to helphandle the incident.

In some examples, when a user initiates an at-risk interval, thecommunication server may initially inform the security service andprovide location information obtained from the LBS on an ongoing basis.The security service can maintain a display, for example showing theirlocations on a map, of users as they travel. In some examples, users mayhave the option of permitting or denying such tracking, for example, forprivacy reasons. A concentration of users in a particular area may beaddressed by dispatching preventive patrols into the area. Also,historical information may be logged, for example, to identify areas andtime in which users feel at risk or in which incidents actually occur.Such historical information may be used, for example, to improve users'sense of security in those areas, for example though physicalimprovements (e.g., lighting) or increased patrols.

In some examples, the security period may be defined using other and/oradditional criteria than time duration or end time. For example, a usermay identify a route (e.g., using a destination building number) and thesecurity period is defined as the time until the user reaches thedestination. In such an example, the end of the security period may bedefined by the server as a reasonable time needed to reach thedestination. In some examples, the communication server may determinethat there may be a possible security condition if the user deviatessignificantly from a path to the declared destination.

In some examples, security periods may be initiated or defined byentities other than the user. For example, a parent may require that achild check in at a particular time (e.g., at midnight) or at a set ofprespecified times (e.g., every two hours). In addition or instead ofnotifying a security service, the parent may be notified if the childfails to check in. That is, the parent may serve the role of thesecurity service. Similarly, an elderly parent may need, to check inperiodically or else their adult child or other caregiver is notifiedwith information about their location. In some examples, a child mayinitiate the security period with the parent being notified if they failto terminate the period or check in when prompted.

In some examples, a security period may be initiated by a passiveactivity of the user. For example, a system may detect that a user hasentered, a predefined geographic area (e.g., going off campus, leaving anursing home) and may have to check in within a certain period of time(e.g., within one hour).

In some examples, the user's community security service is notifiedregardless of the user's geographic location. For example, a user from auniversity in California may be visiting New York City yet theirsecurity-related notifications are sent back to California. Thisapproach can permit their university security service to provideadditional information to local New York police. In other examples, thesecurity service that is notified may depend on the user's geographiclocation. For example, universities may cooperate and a student visitinganother university's campus may result in a notification to the securityservice of the visited university in addition or instead of the user'shome university.

In some example, one communication server 110 may interact with multiplemobile communication systems. For example, users in a single community130 or in different communities 130 may be served by different mobiletelephone carriers.

In some version of the system, additional community services 136 maytake advantage of the capabilities of the communication server. Forexample in a university situation, a community service may include anacademic group that provides class-related notifications e.g., classcancellation, in-class surveys, etc.). Another community service mayinclude access to transportation information, such a campus bus routes,schedules, and expected arrival time information. Other examples includebroadcasting of campus-wide alerts, which may be security related.

In the description above, in some examples of the system a universitystudent community is provided as an example of users served by thesystem. Other examples of communities may be served by examples of thesystem. For example, personnel on a military base, a special interestgroup, a church group, residents of a housing development, inhabitantsof cities, towns, hotel guests, etc, can each form a community served byan example of a personal security system.

In some examples, capabilities described are implemented in software,which may be stored on computer readable media or embodied on signalspropagating through communication media (e.g., over wired or wirelessnetworks). The software may include instructions, such as machineinstructions, programming language or interpreter statements,instructions for virtual machines (e.g., Java), or other forms ofinstructions. The software may be distributed, for example, with somecomponents execution on the handsets and other components executing atfixed servers.

It is to be understood that the foregoing description is intended toillustrate and not to limit the scope of the invention, which is definedby the scope of the appended claims. Other embodiments are within thescope of the following claims.

Having described the invention, and a preferred embodiment thereof, whatis claim as new, and secured by letters patent is:

1-20. (canceled)
 21. A method comprising providing assistance to acaller, said method comprising receiving, at a server, a communicationfrom a mobile device that is associated with said caller, said callerhaving been enrolled as a member of a community, said mobile devicebeing located at a location that is associated with a first designatedparty for receiving emergency calls originating from said location, saidcommunity being associated with a second designated party for receivingemergency calls originating from members of said community, in responseto said communication, causing said server to initiate communicationwith said second designated party, causing said second designated partyto provide information to said first designated party, displaying, tosaid first designated party, first information characterizing saidcaller, displaying, to said first designated party, second informationcharacterizing said caller, and in response to said first communication,sending a communication from said first designated party to said mobiledevice.
 22. The method of claim 21, wherein said second designated partyis a PSAP.
 23. The method of claim 21, wherein said first designatedparty comprises a member of a campus police department.
 24. The methodof claim 21, wherein receiving said communication comprises receiving acommunication initiated by actuating, on said mobile device, a buttonthat has no function, whether alone or in combination with otherinterface elements, but to establish communication with said server. 25.The method of claim 21, further comprising receiving, from said caller,a length of said security period and, upon lapse of said securityperiod, displaying, to said first designated party, informationcharacterizing said caller.
 26. The method of claim 21, whereindisplaying, to said first designated party, information characterizingsaid caller comprises displaying vital information associated with saidcaller.
 27. The method of claim 21, further comprising receivinginformation defining an event and, following occurrence of said event,displaying, to said first designated party, information characterizingsaid caller.
 28. The method of claim 21, wherein receiving saidcommunication comprises receiving a communication initiated by actuatinga panic button.
 29. The method of claim 21, further comprising providinga graphical user interface on said mobile device for enabling saidcaller to specify a length of a security period.
 30. The method of claim21, further comprising receiving, from a caller, an instruction to starta security period and receiving, from said caller, an instruction toprematurely end said security period.
 31. The method of claim 21,wherein displaying, to said first designated party, informationcharacterizing said caller comprises displaying medical informationassociated with said caller.
 32. The method of claim 21, whereindisplaying, to said first designated party, information characterizingsaid caller occurs upon occurrence of a first event and whereindisplaying, to said second designated party, information characterizingsaid caller occurs upon occurrence of a second event.
 33. The method ofclaim 21, wherein receiving said communication comprises receiving acommunication initiated by actuating an interface element on said mobiledevice.
 34. The method of claim 21, further comprising sharing, with aplurality of members of said community, information indicative of alocation of said mobile device.
 35. The method of claim 21, wherein saidcommunity is an institution having a campus, wherein said location isbeyond said campus.